Why?


Saturday, February 20, 2016

Cisco SG300-10 VLAN setup in home LAB

See my earlier post, linked below, for how the SG300-10 is set up to this point:

http://glenewhittenberg.blogspot.com/2016/02/cisco-sg300-10-initial-setup-and.html



Rundown of topology

Linksys 5-port router/switch connected to the Cox cable modem, with the Linksys LAN port set to IP 192.168.10.1/24 and the Linksys WAN port set to DHCP
Ethernet cable from Linksys to SG300-10 port 1 VLAN 1
NAS of 192.168.10.100 on SG300-10 port 2 VLAN 1
PC of 192.168.10.5 on SG300-10 port 3 VLAN 1
Laptop of 10.10.10.5 on SG300-10 port 10 VLAN 2
For nodes on 192.168.10.0/24 I use gateway 192.168.1.1 (this gets changed later)
For nodes on 10.10.10.0/24 I use gateway 10.10.10.254

My attempt at a text drawing :)

    cable modem->Linksys->SG300-10-VLAN1-Port-1
                          SG300-10-VLAN1-Port-2->NAS(192.168.10.100)
                          SG300-10-VLAN1-Port-3->PC(192.168.10.5)
                          SG300-10-VLAN1-Port-4
                          SG300-10-VLAN1-Port-5
                          SG300-10-VLAN1-Port-6
                          SG300-10-VLAN1-Port-7
                          SG300-10-VLAN1-Port-8
                          SG300-10-VLAN2-Port-9
                          SG300-10-VLAN2-Port-10->Laptop(10.10.10.5)

                         
Make sure SG300-10 is set to router mode. I did this in the initial setup. Link above for this.
   
Set up SG300-10 VLAN 1 using ports 1-8 with IP 192.168.10.254/24

    SG300-10-JASPER1# conf t
    SG300-10-JASPER1(config)#interface vlan 1
    SG300-10-JASPER1(config-if)#ip address 192.168.10.254 /24
    SG300-10-JASPER1(config-if)#exit
    SG300-10-JASPER1(config)#ip default-gateway 192.168.10.1
    SG300-10-JASPER1(config)#ip name-server 192.168.10.1
    SG300-10-JASPER1(config)#do write mem
    SG300-10-JASPER1(config)#interface range gi1-8
    SG300-10-JASPER1(config-if-range)#switchport mode access
    SG300-10-JASPER1(config-if-range)#switchport access vlan 1
    SG300-10-JASPER1(config-if-range)#exit
    SG300-10-JASPER1(config)#do write mem

   
Set up SG300-10 VLAN 2 using ports 9-10 with IP 10.10.10.254/24

    SG300-10-JASPER1# conf t
    SG300-10-JASPER1(config)#interface vlan 2
    SG300-10-JASPER1(config-if)#ip address 10.10.10.254 /24
    SG300-10-JASPER1(config-if)#exit
    SG300-10-JASPER1(config)#do write mem
    SG300-10-JASPER1(config)#interface range gi9-10
    SG300-10-JASPER1(config-if-range)#switchport mode access
    SG300-10-JASPER1(config-if-range)#switchport access vlan 2
    SG300-10-JASPER1(config-if-range)#exit
    SG300-10-JASPER1(config)#do write mem


Now see if we can ping all nodes from the SG300-10 CLI.

    SG300-10-JASPER1#ping 192.168.10.254
    SG300-10-JASPER1#ping 10.10.10.254
    SG300-10-JASPER1#ping 192.168.10.1
    SG300-10-JASPER1#ping 10.10.10.5
    SG300-10-JASPER1#ping 192.168.10.100
    SG300-10-JASPER1#ping 192.168.10.5


I got responses back from all IPs pinged.

From the laptop cmd prompt I was able to ping 10.10.10.254 and 192.168.10.254, but NOT 192.168.10.1 or 192.168.10.100 or 192.168.10.5 or 8.8.8.8

I then went into my Linksys router and added the static route of:

    Destination = 10.10.10.0
    Subnet Mask = 255.255.255.0
    Gateway = 192.168.10.254

to get my VLAN 2 traffic routed back to my switch via 192.168.10.254, the VLAN 1 IP we set up a minute ago.

I am now able to ping 192.168.10.1 and 192.168.10.100, but NOT 192.168.10.5 or 8.8.8.8

I turned off the firewall on the PC at 192.168.10.5 and am now able to ping it from the laptop at 10.10.10.5.

Now to get some internet on VLAN 2 so we can ping 8.8.8.8

In SG300-10 I added static route of:

    SG300-10-JASPER1(config)#ip route 0.0.0.0 /0 192.168.10.1

to get traffic from 10.10.10.0/24 out to a valid gateway to the internet.

Now all my machines on both VLANs can communicate to each other, and have internet access.
**Note: I had problems with Windows PCs until I disabled the firewall on them.
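
An alternative to switching the firewall off on the Windows machines, added here as an example and not part of the original post: keep Windows Firewall enabled and allow only ICMPv4 echo requests from the other VLAN's subnet. The function name `Add-LabPingRule` and the rule display name are made up for this example; the subnets are the ones used in the post.

```powershell
# Added example. Run in an elevated PowerShell session on each Windows machine.
# Add-LabPingRule and the rule display name are made up for this example.
function Add-LabPingRule {
    param(
        # Subnet of the *other* VLAN, i.e. where the pings come from.
        [Parameter(Mandatory)] [string] $RemoteSubnet
    )
    $name = "Lab - ICMPv4 echo from $RemoteSubnet"

    # Re-running the function replaces the rule instead of stacking duplicates.
    Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule

    # Inbound ICMPv4 type 8 (echo request) only, and only from that subnet.
    New-NetFirewallRule -DisplayName $name `
        -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 `
        -RemoteAddress $RemoteSubnet | Out-Null

    # Show the scope that was actually stored for the rule.
    Get-NetFirewallRule -DisplayName $name |
        Get-NetFirewallAddressFilter |
        Select-Object RemoteAddress
}

# Turn the firewall back on for all profiles.
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True

# On the PC in VLAN 1 (192.168.10.5): accept pings from VLAN 2.
Add-LabPingRule -RemoteSubnet '10.10.10.0/24'

# On the laptop in VLAN 2 (10.10.10.5), run this instead:
# Add-LabPingRule -RemoteSubnet '192.168.10.0/24'

# Confirm every profile is enabled again.
Get-NetFirewallProfile | Select-Object Name, Enabled
```

Any other service that has to cross VLANs (file sharing to the NAS, RDP) needs its own rule scoped the same way with `-RemoteAddress`.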

Here is some tracert output from the Windows PC of 192.168.10.5

First I tracert the NAS of 192.168.10.100 on the same network/VLAN 1 of the PC

    C:\Users\glenw>tracert -d 192.168.10.100

    Tracing route to 192.168.10.100 over a maximum of 30 hops

      1    <1 ms    <1 ms    <1 ms  192.168.10.100

    Trace complete.


As you can see, everything stays on the switch and on the same VLAN 1.

Now I tracert the laptop of 10.10.10.5 on VLAN 2.

    C:\Users\glenw>tracert -d 10.10.10.5

    Tracing route to 10.10.10.5 over a maximum of 30 hops

      1     1 ms     1 ms     3 ms  192.168.10.1
      2     2 ms     5 ms     5 ms  192.168.10.254
      3     2 ms    <1 ms    <1 ms  10.10.10.5

    Trace complete.


As you can see, the traffic goes out my route to the Linksys 192.168.10.1 VLAN 1, then gets directed back to my switch at 192.168.10.254 VLAN 1 (remember the static route we added to the Linksys earlier), where it knows about 10.10.10.5 on VLAN 2.

Let's try and clean this up so it does not have to go to the Linksys first.

First I set my gateway on the PC 192.168.10.5 from 192.168.10.1 to 192.168.10.254. Then try another tracert to 10.10.10.5

    C:\Users\glenw>tracert -d 10.10.10.5

    Tracing route to 10.10.10.5 over a maximum of 30 hops

      1     1 ms     5 ms     4 ms  192.168.10.254
      2    <1 ms    <1 ms    <1 ms  10.10.10.5

    Trace complete.


That's better. Stays on the switch, and 4 ms quicker (half the time).

This tracert shows it uses my new gateway on the switch 192.168.10.254 VLAN1 and routes it to VLAN 2. All of this staying on the switch.

The real advantage is the traffic that can stay on the switch does, and will not have to go to the router first and compete with other traffic, just to come back to the switch again.

I will now set up the two Ethernet interfaces for my ESXi server with one on VLAN 1 and the other on VLAN 2.
I may also set up my Trendnet Gigabit POE switch on VLAN 1 for my Yealink desk phone.
There are various other devices on the Linksys Ethernet and Wi-Fi as well. I have Ethernet from the Linksys into the AC power outlets and have devices on that.
I do not show all devices in my network below, just the ones I will connect to the SG300-10.

    cable modem->Linksys->SG300-10-VLAN1-Port-1
                          SG300-10-VLAN1-Port-2->NAS(192.168.10.100)
                          SG300-10-VLAN1-Port-3->PC(192.168.10.5)
                          SG300-10-VLAN1-Port-4
                          SG300-10-VLAN1-Port-5
                          SG300-10-VLAN1-Port-6
                          SG300-10-VLAN1-Port-7->Trendnet POE Gigabit Switch Port1
                                                 Trendnet POE Gigabit Switch Port2->Yealink T19
                                                 Trendnet POE Gigabit Switch Port3
                                                 Trendnet POE Gigabit Switch Port4
                                                 Trendnet POE Gigabit Switch Port5
                          SG300-10-VLAN1-Port-8->ESXi-eth1(192.168.10.90 vswitch0 Management)
                          SG300-10-VLAN2-Port-9->ESXi-eth2(vswitch1)
                          SG300-10-VLAN2-Port-10->Laptop(10.10.10.5)


Or maybe I will put all my nodes in my LAB on the same VLAN. Or maybe I will set up a pfSense router VM in the ESXi (since I have two interfaces, one in each VLAN) so I can get super granular with traffic between the VLANs. The neat thing is I have lots of options now. I like that!

Enjoy!

   





